Mac Thief Caught Thanks To Applescript & Timbuktu
el.cerrito.slasher sent in an amusing bit found on MacSlash. This story
is a tale of a stolen iMac that just happened to be running Timbuktu (a remote
control program like VNC I believe). Well the stolen box kept getting
used, and the owner was able to track it down through
a variety of amusing Timbuktu Fu. Funny story.
I had flashbacks to reading "The Cuckoo's Egg" while reading this transcription. Does anyone else remember reading the commands listed in the book and quickly running over to a unix box to play?
Honestly, I'm not -too- surprised that this happened. My machine runs:
/bin/date | mail
/sbin/ifconfig -a | mail
(Running dyndns would be interesting also.)
on bootup. I originally did this so that I could keep track of my box and identify when it went down and what the current IP was so I could ssh in and look around more comprehensively, although it has crossed my mind that if my machine were to get stolen it might report back to me where it was. I'd be happy to see that it's worked out at least once for someone.
Most ISPs keep logs of usernames and passwords on certain IPs (especially if they're static/near static as in a cable modem or DSL connection). From there, it's fairly easy for the ISP to connect that back to a real name.
I'd be very interested to see if this is enough information to get a search warrant.
-- Mike wildcard@illuminatus.org
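The boot-time report described in the comment above, as an added example that is not part of the original thread. It goes one step further than the post by mailing a report only when the machine's address list changes; `REPORT_TO`, `STATE_FILE`, the function names and the `--run` switch are assumptions made for this sketch, and the `ifconfig` sample is constructed.

```shell
#!/bin/sh
# Boot-time check-in: report this machine's addresses only when they change.
# REPORT_TO and STATE_FILE are assumptions for this example, not from the post.
REPORT_TO="${REPORT_TO:-owner@example.invalid}"     # placeholder recipient
STATE_FILE="${STATE_FILE:-/var/tmp/checkin.last}"   # hypothetical state path

# Constructed sample of `ifconfig -a` output (BSD/macOS and older Linux styles).
SAMPLE_IFCONFIG='lo0: flags=8049 mtu 16384
    inet 127.0.0.1 netmask 0xff000000
en0: flags=8863 mtu 1500
    inet6 fe80::1%en0 prefixlen 64
    inet 203.0.113.45 netmask 0xffffff00 broadcast 203.0.113.255
eth0      Link encap:Ethernet
          inet addr:192.0.2.10  Bcast:192.0.2.255  Mask:255.255.255.0'

# Print the non-loopback IPv4 addresses found in `ifconfig -a` output on stdin.
# Accepts "inet 10.0.0.5" as well as the older "inet addr:10.0.0.5" form.
extract_ipv4() {
    awk '$1 == "inet" {
             a = $2
             sub(/^addr:/, "", a)
             if (a !~ /^127\./) print a
         }' | sort -u
}

# Build the report body: UTC timestamp, host name, one address per line.
build_report() {
    printf 'checkin: %s\nhost: %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$(uname -n)"
    printf '%s\n' "$1" | sed 's/^/addr: /'
}

# Compare the current address list ($1) with the saved one. On a change,
# save it, print a report and return 0; otherwise print nothing and return 1.
checkin() {
    current="$1"
    previous=""
    [ -f "$STATE_FILE" ] && previous="$(cat "$STATE_FILE")"
    [ "$current" = "$previous" ] && return 1
    printf '%s\n' "$current" > "$STATE_FILE"
    build_report "$current"
}

# From a boot script: checkin.sh --run
if [ "${1:-}" = "--run" ]; then
    addrs="$(/sbin/ifconfig -a | extract_ipv4)"
    if report="$(checkin "$addrs")"; then
        printf '%s\n' "$report" | mail -s "checkin $(uname -n)" "$REPORT_TO"
    fi
fi
```

Behind NAT the addresses reported are private ones, so the public address would have to come from the mail headers of the received report.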
The article doesn't say the thief was caught. To quote the guy himself: "So the conclusion to the story is: iMac and Lexmark printer recovered, one female pled out to possession of stolen property and got a year's probation."
Possession of stolen property is very different to theft. She claims to have bought the iMac from "some guy". Ok, she might be complicit, but we won't ever know.
ooooooh! What does this button do? - DeeDee, Dexters Lab.
"Computer, update website" (computer executes the 'update website' Applescript, which would probably be very similar to the parent post's Applescript)
Since Applescript is easy, powerful, and voice-activated like this, you can do some amazing stuff on the mac with very little effort. It impresses the hell out of other people, too.
(FWIW, the PC emulator VirtualPC is Applescriptable - you can have a LOT of fun with that: imagine the above Applescript, but add the part where the script fires up VirtualPC and loads your webpage in IE for Windows to make sure it looks good on that platform too. All this while you're playing Oni)
Actually you can most likely do that on a Mac. All of the Macs in the past 5 - 8 years use a BIOS-like system called Open Firmware. Open Firmware basically sets up the machine to load up the operating system and it does other initialization tasks. It is also used by some other computer manufacturers as it is an open standard.
The neat thing about Open Firmware is that it is programmable. It is written in Forth and you can write additions to it and install them. These additions are persistent across power-downs and can be password protected. So it is possible that you can write some sort of network notification into Open Firmware. I do know that it is aware of TCP and such because you can remotely operate the machine if it crashes in Open Firmware and you can also use Open Firmware to network boot the machine.
The other cool thing about Open Firmware is that you can set it to require a password at boot. If the password is not entered then the machine will not load ANY drive. This password is much harder to disable than an operating system password or hard drive password lock, although there are a few obscure and involved ways of bypassing it if you are extremely familiar with the system.
This page has some good links on Open Firmware. This site is hosted by Sun and has a ton of very specific and detailed information on Open Firmware. And lastly, Open Firmware is the only firmware standard in existence to have its own song!
Sapere aude!